<?php
	require_once('../includes/config.php');
	$action = $_REQUEST['act'];
	$proid = str_replace(" ","",$_POST['id']);
	$procat = $_POST['cat'];
	$proname = $_POST['name'];
	$proimage = $_POST['urlimg'];
	$prodetail = $_POST['detail'];	
	$timenow = date("Y-m-d H:i:s");

	if($action == "add")
	{
		$sql_insert = "INSERT INTO tbl_product ( pro_cat, pro_name, pro_img, pro_detail, pro_date_added) 
						VALUES ('$procat', '$proname', '$proimage', '$prodetail', '$timenow')";
		mysql_query($sql_insert) or die("can not insert into database");
		echo 1;
		exit;
	}
	elseif($action == "edit")
	{
		mysql_query("UPDATE tbl_product SET pro_cat = '$procat', pro_name = '$proname', pro_img = '$proimage', pro_detail = '$prodetail', pro_lasted_update = '$timenow' WHERE id = '$proid'") or die("can not update");
		echo 1;
		exit;
	}
	elseif($_GET['act'] == "del")
	{
		$id = $_REQUEST['id'];
		mysql_query("DELETE FROM tbl_product WHERE id = '$id'");
		//del all comment for this product
		mysql_query("DELETE FORM tbl_comment WHERE id_product = '$id'");
		echo 1;
		exit;
	}


?>